rm -rf — why AI agents must not run it unattended
rm -rf is a critical-severity command that AI coding agents run without human checkpoints. DestructGuard's default tier blocks this pattern and logs every approve-or-abort decision to a JSONL audit trail.
rm -rf
What it does
Recursively deletes files and directories without confirmation.
Why agents run it
Autonomous coding agents optimize for task completion. When refactoring, cleaning up, or syncing repositories, agents often reach for rm -rf because it appears to solve the immediate problem — without surfacing irreversibility to the operator.
Default blocklist tier
DestructGuard's default rules tier includes rm -rf by default. Teams on the strict tier also block adjacent patterns. Pair with git pre-commit and pre-push hooks from the Pro Pack for defense in depth.
How to allow with audit
When a blocked command is genuinely needed, DestructGuard prompts for explicit approval and records the decision. Upload the audit log to IncidentScribe to reconstruct what happened before an outage.